Hello,
I was trying to set up a new subnet and DHCP scope on my LAN. I noticed on my DHCP server that BAD_ADDRESS placeholders were filling in many off the addresses in the range. I looked on my core switch and there was no corresponding ARP entry. I did a port scan on NMAP of the IP and got the following output:
Starting Nmap 7.70 ( [link]https://nmap.org[/link] ) at 2018-08-27 14:10 Central Daylight Time Nmap scan report for 192.168.73.105 Host is up (0.0019s latency). Not shown: 65524 filtered ports PORT STATE SERVICE VERSION 21/tcp open ftp? 25/tcp open smtp? 80/tcp open http? 110/tcp open pop3? 113/tcp closed ident 135/tcp open msrpc? 143/tcp open imap? 443/tcp open https? 8008/tcp open http 8010/tcp open ssl/http-proxy FortiGate Web Filtering Service 8020/tcp open http-proxy FortiGate Web Filtering Service
Browsing to ports 8008, 8010, or 8020 takes me to a page titled "Web Filter Block Override" with the message in the title. I tried a few other IPs on the subnet and they yielded the same result. Finally, I swept a different /24 subnet that doesn't have a gateway on my network with nmap -sn and all the hosts showed up. Any host I ran a port scan on came back with the same result as above, and the 8000 ports lead to the same webpage. I do have a FortiGate 200E with web filtering enabled, but is this normal behavior? We also use FortiClient on our endpoints that are managed by a separate EMS server if that could play any role.
If anyone has an idea of what is happening here, I'd definitely appreciate an explanation.
Greetings!
What range are you trying to configure?
Is that range configured or does it overlap with any configuration on FortiGate?
Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2677 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.